External Resources

Official regulatory sources organised for practical work

A working index of official privacy, AI governance, and cybersecurity sources for research, drafting, verification, and internal reference.

Data Protection AI Governance Cybersecurity13authorities88resources

13 authorities88 resourcesOfficial bodies only

Data Protection

GDPR, ePrivacy and supervisory authorities

Official guidance, legislation, and reference material from EU institutions, the Irish DPC, the ICO, and European data protection bodies.

01Irish DPC

Ireland — Data Protection Commission

Official guidance and legislation from the Irish supervisory authority.

11 resources3 categories

DPC Guidance Hub

Browse all official DPC guidance by topic.

Breach Notification

How to report data breaches to the DPC.

Cookies and Tracking Guidance

Consent requirements for cookies and tracking technologies.

Common questions about cookie compliance.

02UK ICO

United Kingdom — ICO and PECR

Guidance from the Information Commissioner’s Office, including PECR for cookies and electronic marketing.

9 resources2 categories

GOV.UK Data Protection Overview

Government overview of UK GDPR and the Data Protection Act 2018.

ICO UK GDPR Hub

Central hub for UK GDPR guidance.

ICO DPIA Guidance

Detailed practical guidance on DPIAs.

Data Protection Act 2018

Official UK legislation text.

legislation.gov.uk

03EUR-Lex

EU Primary Legislation

The official legal texts as published in the Official Journal of the European Union.

4 resources2 categories

GDPR (Regulation 2016/679)

Consolidated GDPR Text

The full Regulation in consolidated, readable format.

Official Journal Record

Formal OJ publication reference for citation purposes.

ePrivacy Directive (2002/58/EC)

Consolidated ePrivacy Text

EU rules on electronic communications privacy, including the cookie consent requirement in Article 5(3).

Official Journal Record

Formal OJ publication reference.

04European Commission

European Commission — Policy and Transfers

Official Commission materials on data protection policy and cross-border transfer mechanisms.

8 resources2 categories

Data Protection Hub

The Commission’s central page for EU data protection policy.

Data Protection Explained

Plain-language explanation of core GDPR concepts.

Legal Framework Overview

How GDPR fits alongside related EU instruments.

International Transfers Hub

Index page for transfer mechanisms, adequacy, and EU–US topics.

05EDPB

European Data Protection Board

The EU-level body responsible for consistent GDPR interpretation across the EU and EEA.

9 resources3 categories

Main site for the European Data Protection Board.

Guidelines and Recommendations

Official guidance clarifying GDPR interpretation.

Documents Library

Search guidelines, opinions, statements, and other publications.

SME Data Protection Guide

Practical guidance designed for smaller organisations.

06EDPS / Your Europe

EDPS and EU Business Portals

The regulator for EU institutions plus practical portals for businesses operating in the single market.

4 resources2 categories

EDPS

EDPS Guidelines

Official guidance for EU institutions and bodies.

Complaints Overview

How complaints to the EDPS work.

Regulation 2018/1725

Data protection rules for EU institutions and bodies.

EU business portals

Your Europe — Data Protection for Businesses

Practical EU portal for businesses on GDPR compliance.

AI Governance

EU AI Act legislation and implementation material

Primary legal text, Commission implementation materials, and official governance resources for the EU AI Act.

01EUR-Lex

Primary Legislation

The official legal text of the AI Act as published in the Official Journal.

2 resources1 category

AI Act (Regulation 2024/1689)

Consolidated AI Act Text

The full Regulation (EU) 2024/1689 in readable form.

Official Journal Record (PDF)

Formal OJ publication reference for citation purposes.

02European Commission

Commission Guidelines and Implementation

Official Commission guidelines, practical examples, and implementation materials.

4 resources1 category

Regulatory framework

AI Act Regulatory Framework Hub

Central page for the AI Act, including risk levels, timeline, and governance.

Guidelines on Prohibited AI Practices

Legal explanations and practical examples for the Article 5 prohibitions.

Guidelines for Providers of GPAI Models

Scope of obligations for general-purpose AI model providers under Chapter V.

Upcoming Implementation Guidelines

Overview of guidelines in preparation for later stages of AI Act application.

03AI Office

AI Office and Governance

The EU governance structure responsible for AI Act implementation, enforcement, and coordination.

4 resources2 categories

Governance bodies

European AI Office

The centre of AI expertise within the Commission, responsible for GPAI model enforcement.

AI Act Governance and Enforcement

Overview of the AI Board, Scientific Panel, Advisory Forum, and national authorities.

The Member State coordination body advising on consistent AI Act application.

Practical resources

AI Act Service Desk FAQ

Official Q&A on practical AI Act implementation questions.

Cybersecurity

Cybersecurity law, frameworks and incident guidance

Official cybersecurity sources spanning NIS2, ENISA, national cyber authorities, and widely used government frameworks.

01NCSC Ireland

Ireland — NCSC

Official guidance, incident reporting, and frameworks from Ireland’s national cybersecurity authority.

8 resources2 categories

NCSC Guidance Hub

Official published guidance and templates for organisations.

Cyber Fundamentals Framework

Risk-based cybersecurity framework for maturity and NIS2-aligned measures.

NIS2 Information Hub

Ireland’s NIS2 updates, FAQs, and implementation materials.

S.I. 360/2018 — NIS Regulations

Irish statutory instrument implementing NIS obligations.

02NCSC UK

United Kingdom — NCSC

Guidance and frameworks from the UK’s national cybersecurity authority, including Cyber Essentials.

9 resources2 categories

10 Steps to Cyber Security

Government-backed framework for organisational cyber risk management.

Cyber Essentials

Minimum cyber security standard for organisations of all sizes.

Cyber Essentials Scheme Overview

Government guidance on the Cyber Essentials certification scheme.

NIS Regulations 2018

UK Network and Information Systems Regulations legal text.

legislation.gov.uk

03EU Cybersecurity

EU Cybersecurity Law and ENISA

EU-wide cybersecurity legislation and guidance from the EU Agency for Cybersecurity.

10 resources2 categories

NIS2 Directive (EU) 2022/2555

EU-wide cybersecurity obligations for essential and important entities.

NIS2 Technical Requirements (2024/2690)

Detailed technical measures and significant incident criteria.

EU Cybersecurity Act (2019/881)

ENISA mandate and EU cybersecurity certification framework.

Cyber Resilience Act (2024/2847)

Product security requirements for connected hardware and software.

04US Government

United States — NIST and CISA

Widely used US government cybersecurity frameworks and threat resources.

6 resources2 categories

NIST Cybersecurity Framework

Official landing page for the Cybersecurity Framework and supporting resources.

The CSF 2.0 publication.

NIST SP 800-53 Rev. 5

Security and privacy controls catalogue for assurance programmes.

US government hub for ransomware prevention and response.

All links point to external official sources. Acompli does not control their content and is not affiliated with the issuing bodies. If a link has changed, please contact us.

Put these sources to work

Acompli builds regulatory intelligence into your compliance workflow. Work from a governed knowledge base with regulatory intelligence built into your compliance workflow.

Get started →See how it works